<?php
include("config.php");

if(isset($_REQUEST['submit'])){
	$name = trim($_REQUEST['name']);
	$pwd = trim($_REQUEST['pwd']);
	
	$sql = "select * from admin where name = '" .$name. "'";
	
	$ret = $mysql->fetch_array($mysql->query($sql));
	if($ret){
		if($ret[0]['password'] == md5($pwd)){
			$_SESSION['name'] = $name;
			header("location: main.php");
		}else{
			echo "<script type='text/javascript'>alert('登录失败！');location.href='login.html'</script>";
		}
	}else{
		echo "<script type='text/javascript'>alert('登录失败！');location.href='login.html'</script>";
	}
}elseif(isset($_REQUEST['loginout'])){
	unset($_SESSION['name']);
	header("location: login.html");
}